One of the challenging problems in managing large networks is the complexity of security administration. Role Based Access Control (RBAC) reduces the complexity and cost of security administration in large networked applications. Security systems based on RBAC have been adopted in complex software systems from databases to application servers.
Service-Oriented Architecture (SOA) is based on the deconstruction of yesterday's monolithic applications and information technology infrastructure into a matrix of discrete, standards-based, network-accessible services. The process of transformation requires the organization, identification, and repurposing of applications and business processes of the existing information technology infrastructure. The transformation to SOA begins with an analysis of the IT infrastructure to identify applications, business processes, and other software assets that become services, or otherwise support the SOA.
Metadata is data about data, or more specifically, information about the content of the data; service metadata is information about the services in an SOA. Service producers use service metadata to describe what service consumers need to know to interact with the service producers. Service metadata is stored in a metadata repository by service producers and then accessed by service consumers. A metadata repository provides visibility into the portfolio of assets, the traceability of the assets within that portfolio, and the relationships and interdependencies that connect the assets to each other. Furthermore, the metadata repository provides visibility into the policies that govern use of the assets and the projects that produce the assets and consume the assets.